package com.squareup.cash.biometrics;

import android.content.Context;
import android.security.keystore.KeyGenParameterSpec;
import androidx.biometric.BiometricManager;
import com.squareup.cash.biometrics.SecureStore;
import java.security.GeneralSecurityException;
import java.security.Key;
import java.security.KeyFactory;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import java.security.cert.Certificate;
import java.util.ArrayList;
import java.util.Iterator;
import java.util.Set;
import javax.crypto.Cipher;
import kotlin.collections.CollectionsKt___CollectionsKt;
import kotlin.coroutines.Continuation;
import kotlin.coroutines.CoroutineContext;
import kotlin.jvm.functions.Function1;
import kotlin.jvm.internal.DefaultConstructorMarker;
import kotlin.jvm.internal.Intrinsics;
import kotlinx.coroutines.BuildersKt;
import kotlinx.coroutines.sync.MutexImpl;
import kotlinx.coroutines.sync.MutexKt;
import okio.ByteString;
import timber.log.Timber;

/* compiled from: AndroidSecureStore.kt */
/* loaded from: classes2.dex */
public final class AndroidSecureStore implements SecureStore {
    public final BiometricManager biometricManager;
    public final Crypto crypto;
    public final MutexImpl dataLock;
    public final CoroutineContext ioDispatcher;
    public final String keyAlias;
    public final SharedPreferencesStorage storage;

    /* compiled from: AndroidSecureStore.kt */
    /* loaded from: classes2.dex */
    public static abstract class Crypto {

        /* compiled from: AndroidSecureStore.kt */
        /* loaded from: classes2.dex */
        public static final class Ready extends Crypto {
            public final KeyFactory keyFactory;
            public final KeyPairGenerator keyGenerator;
            public final KeyStore keyStore;

            public Ready(KeyStore keyStore, KeyPairGenerator keyPairGenerator, KeyFactory keyFactory) {
                super(null);
                this.keyStore = keyStore;
                this.keyGenerator = keyPairGenerator;
                this.keyFactory = keyFactory;
            }
        }

        /* compiled from: AndroidSecureStore.kt */
        /* loaded from: classes2.dex */
        public static final class Unavailable extends Crypto {
            public static final Unavailable INSTANCE = new Unavailable();

            public Unavailable() {
                super(null);
            }
        }

        public Crypto(DefaultConstructorMarker defaultConstructorMarker) {
        }
    }

    public AndroidSecureStore(Context context, SharedPreferencesStorage storage, CoroutineContext ioDispatcher) {
        Crypto crypto;
        Intrinsics.checkNotNullParameter(context, "context");
        Intrinsics.checkNotNullParameter(storage, "storage");
        Intrinsics.checkNotNullParameter(ioDispatcher, "ioDispatcher");
        this.storage = storage;
        this.keyAlias = "cash-key";
        this.ioDispatcher = ioDispatcher;
        this.biometricManager = BiometricManager.from(context);
        this.dataLock = (MutexImpl) MutexKt.Mutex$default();
        try {
            KeyStore keyStore = KeyStore.getInstance("AndroidKeyStore");
            keyStore.load(null);
            KeyPairGenerator keyGenerator = KeyPairGenerator.getInstance("RSA", "AndroidKeyStore");
            KeyFactory keyFactory = KeyFactory.getInstance("RSA");
            createCipher();
            Intrinsics.checkNotNullExpressionValue(keyGenerator, "keyGenerator");
            Intrinsics.checkNotNullExpressionValue(keyFactory, "keyFactory");
            crypto = new Crypto.Ready(keyStore, keyGenerator, keyFactory);
        } catch (Exception unused) {
            crypto = Crypto.Unavailable.INSTANCE;
        }
        this.crypto = crypto;
    }

    public static final void access$prepareKeyStore(AndroidSecureStore androidSecureStore, Crypto.Ready ready) {
        try {
            try {
                Key key = ready.keyStore.getKey(androidSecureStore.keyAlias, null);
                Certificate certificate = ready.keyStore.getCertificate(androidSecureStore.keyAlias);
                if (key != null && certificate != null) {
                    androidSecureStore.createCipher().init(2, key);
                    return;
                }
            } catch (Exception unused) {
                Timber.Forest.d("Key invalidated.", new Object[0]);
            }
            androidSecureStore.storage.prefs.edit().clear().apply();
            KeyGenParameterSpec build = new KeyGenParameterSpec.Builder(androidSecureStore.keyAlias, 3).setBlockModes("ECB").setEncryptionPaddings("PKCS1Padding").setUserAuthenticationRequired(true).build();
            Intrinsics.checkNotNullExpressionValue(build, "Builder(keyAlias, PURPOS…ed(true)\n        .build()");
            ready.keyGenerator.initialize(build);
            ready.keyGenerator.generateKeyPair();
        } catch (GeneralSecurityException e) {
            throw new RuntimeException(e);
        }
    }

    @Override // com.squareup.cash.biometrics.SecureStore
    public final void clear() {
        this.storage.prefs.edit().clear().apply();
    }

    public final Cipher createCipher() {
        Cipher cipher = Cipher.getInstance("RSA/ECB/PKCS1Padding");
        Intrinsics.checkNotNullExpressionValue(cipher, "getInstance(\"$KEY_ALGORI…PTION_PADDING_RSA_PKCS1\")");
        return cipher;
    }

    @Override // com.squareup.cash.biometrics.SecureStore
    public final boolean isSecureStoreSupported() {
        return this.crypto instanceof Crypto.Ready;
    }

    @Override // com.squareup.cash.biometrics.SecureStore
    public final Object read(String str, Continuation<? super SecureStore.SecureValue> continuation) {
        return BuildersKt.withContext(this.ioDispatcher, new AndroidSecureStore$read$2(this, str, null), continuation);
    }

    @Override // com.squareup.cash.biometrics.SecureStore
    public final void remove(Function1<? super String, Boolean> function1) {
        Set set = CollectionsKt___CollectionsKt.toSet(this.storage.prefs.getAll().keySet());
        ArrayList arrayList = new ArrayList();
        for (Object obj : set) {
            if (function1.invoke(obj).booleanValue()) {
                arrayList.add(obj);
            }
        }
        SharedPreferencesStorage sharedPreferencesStorage = this.storage;
        Iterator it = arrayList.iterator();
        while (it.hasNext()) {
            sharedPreferencesStorage.remove((String) it.next());
        }
    }

    @Override // com.squareup.cash.biometrics.SecureStore
    public final Object write(String str, ByteString byteString, Continuation<? super SecureStore.WriteResult> continuation) {
        return BuildersKt.withContext(this.ioDispatcher, new AndroidSecureStore$write$2(this, byteString, str, null), continuation);
    }
}
